316afc054afd9652ef1d827982d82958_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

316afc054afd9652ef1d827982d82958_JaffaCakes118
Size

80KB
MD5

316afc054afd9652ef1d827982d82958
SHA1

67c0bada72af9c81d15d85726de67a90a3c22989
SHA256

0cb80814832ce5afe217c37003bba0f45ef4b4f17e4d6baaf54459d02ef14930
SHA512

c8e4de59183fad9ab868f0899469b1c38ddb212003170c0b577cb24ba469fc41993af4e5153dae0d3a22f917463f97a44e3d669da92aa882a7c65e46cad19470
SSDEEP

384:/LGMiyhNVxg715pdKk8p0V50V50V90VQ0Vj0Vn0Vb0Vq0Vu0VB0Vn0VB0Vg0Vz0x:gylHD/3wWby

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
316afc054afd9652ef1d827982d82958_JaffaCakes118

Files

316afc054afd9652ef1d827982d82958_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\CHP\Development\R1.3.2\Consistel\Ibas\Programs\WPF\EnterpriseClient\Src\obj\Debug\Consistel.Ibas.Programs.Wpf.EnterpriseClient.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ